﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Data.OleDb;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;


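/// <summary>
/// Code-behind for the user management page: lets the signed-in user change
/// their own password after confirming the old one.
/// </summary>
public partial class UserManage : System.Web.UI.Page
{
    /// <summary>
    /// Clears the per-field validation labels on every request and swaps the
    /// password form for a login prompt when no user is signed in.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        Label13.Text = Label23.Text = Label33.Text = "";
        IsAbleModify();
    }

    /// <summary>
    /// Returns true when the session carries a "userinfo" entry, false otherwise.
    /// </summary>
    protected bool IsLogin()
    {
        return Session["userinfo"] != null;
    }

    /// <summary>
    /// Returns true when the session's "IsAdmin" entry renders as "True" or "true".
    /// A missing entry is treated as "not an administrator" instead of raising a
    /// NullReferenceException, so an anonymous or expired session fails closed.
    /// </summary>
    protected bool IsAdmin()
    {
        object flag = Session["IsAdmin"];
        if (flag == null)
        {
            return false;
        }

        string text = flag.ToString();
        return text == "True" || text == "true";
    }

    /// <summary>
    /// Replaces the content of the ModifyPassword container with a login prompt
    /// when the visitor is not signed in.
    /// </summary>
    protected void IsAbleModify()
    {
        if (!IsLogin())
        {
            ModifyPassword.InnerHtml = "请先登录!";
        }
    }

    /// <summary>
    /// Validates the three password fields (old, new, confirmation) and, when they
    /// pass, hands over to <see cref="ValidUserInfo"/> to perform the change.
    /// </summary>
    protected void Button1_Click(object sender, EventArgs e)
    {
        if (TextBox1.Text == "")
        {
            Label13.Text = "请输入旧密码!";
            Label43.Text = "";
        }
        else if (TextBox2.Text == "")
        {
            Label23.Text = "请输入新密码!";
            Label43.Text = "";
        }
        else if (TextBox2.Text != TextBox3.Text)
        {
            Label33.Text = "两次输入密码不一致";
            Label43.Text = "";
        }
        else
        {
            ValidUserInfo();
        }
    }

    /// <summary>
    /// Doubles single quotes so a value can be embedded in a single-quoted SQL
    /// string literal without terminating it. Null is mapped to the empty string.
    /// </summary>
    private static string EscapeSqlLiteral(string value)
    {
        return value == null ? "" : value.Replace("'", "''");
    }

    /// <summary>
    /// Checks the old password for the employee id held in the session and, when it
    /// matches, stores the new password. The outcome is reported through Label43.
    /// </summary>
    private void ValidUserInfo()
    {
        // NOTE(review): IsLogin() keys on Session["userinfo"] while this method keys
        // on Session["EmpID"]; confirm that both are always set together at login.
        if (Session["EmpID"] == null)
        {
            // Previously this path returned silently; tell the user why nothing happened.
            Label43.Text = "请先登录!";
            return;
        }

        // SECURITY: TextBox1/TextBox2 are user-controlled and were concatenated into
        // the SQL text unmodified, so a quote in either field changed the statement
        // (SQL injection, including in the UPDATE). Every value is now escaped before
        // it is embedded. Quote doubling is a stopgap that relies on the backend using
        // '' as its only string-literal escape; the durable fix is a parameterized
        // OleDbCommand ("?" placeholders), which needs DBOperate to accept parameters.
        string username = EscapeSqlLiteral(Session["EmpID"].ToString());
        string oldPassword = EscapeSqlLiteral(TextBox1.Text);
        string newPassword = EscapeSqlLiteral(TextBox2.Text);

        // SECURITY TODO: EmpPassword is stored and compared as plaintext. Moving to a
        // salted password hash (e.g. PBKDF2) with a constant-time comparison needs a
        // schema/data migration and is out of scope for this method.
        string userInfoQuery = "SELECT TOP 1 * FROM UserList WHERE EmpID = '" + username + "' AND EmpPassword = '" + oldPassword + "'";

        DBOperate MyDB = new DBOperate();
        try
        {
            bool oldPasswordMatches;
            MyDB.SetCommandString(userInfoQuery);

            // "using" closes the reader even if reading throws; it must be closed
            // before the same DBOperate instance runs the UPDATE below.
            using (OleDbDataReader reader = MyDB.ExecuteReader())
            {
                oldPasswordMatches = reader.HasRows;
            }

            if (!oldPasswordMatches)
            {
                Label43.Text = "旧密码输入错误";
            }
            else
            {
                string updateSql = "UPDATE UserList SET EmpPassword='" + newPassword + "' WHERE EmpID = '" + username + "'";
                MyDB.SetCommandString(updateSql);
                MyDB.ExecuteNonReader();
                Label43.Text = "密码修改成功！";
            }
        }
        finally
        {
            // Release the database handle on the error path as well.
            MyDB.CloseDB();
        }
    }
}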
